Author: Editor

Cybercriminals Are Now Calling Your Employees
By in

Cybercriminals Are Now Calling Your Employees

Is Your Business Prepared?

Cyber threats are evolving, and one of the fastest-growing tactics right now is social engineering through trusted communication platforms.

Instead of trying to hack their way in, cybercriminals are increasingly talking their way in.

Attackers are impersonating IT staff, executives, vendors, and even coworkers via phone calls and collaboration tools such as Microsoft Teams, Webex, and other messaging platforms. Because employees already trust these tools for everyday work, the requests often seem legitimate.

And that’s exactly what attackers are counting on.

Why These Attacks Are Increasing

Social engineering attacks work because they exploit trust and urgency rather than technology.

A typical scenario might look like this:

  • An employee receives a phone call from someone claiming to be IT
  • A message appears in Teams or Webex asking for quick help with a login issue
  • Someone claiming to be an executive requests urgent access or information

The request often sounds routine and urgent.

But in many cases, it’s actually an attacker trying to gain access to credentials, systems, or sensitive company data.

Because these attacks occur through real-time communication, employees often react quickly without verifying the request.

Why Businesses Should Pay Attention Now

Cybercriminals know that traditional phishing emails are becoming easier to detect.

So they’re shifting toward direct interaction with employees, where they can build trust and pressure someone into taking action.

These attacks are often used to:

  • Steal login credentials
  • Bypass multi-factor authentication
  • Gain access to company systems
  • Launch ransomware or data theft attacks

For organizations without clear security procedures in place, it only takes one successful interaction to create a major security incident.

What Businesses Can Do

The good news is that many social engineering attacks can be stopped with a few important practices:

  • Verify unexpected requests. Employees should always confirm unusual access requests or account changes through a trusted channel.
  • Train employees to recognize social engineering. Security awareness training helps employees identify suspicious requests, even when they come through trusted platforms.
  • Limit and monitor access. Strong identity controls and system monitoring can prevent attackers from moving freely if they gain access.
  • Have experts watching your network. Continuous monitoring helps detect suspicious activity before it becomes a larger problem.
  • Security Starts with Awareness. Cybersecurity isn’t just about firewalls and software — it’s about people, processes, and visibility.

As cybercriminals continue to evolve their tactics, organizations that take a proactive approach to security are far better positioned to protect their operations and their data.

How Citynet Helps

Citynet helps organizations strengthen their cybersecurity posture with solutions designed to provide visibility, protection, and expert support.

Our managed IT and cybersecurity services help businesses monitor networks, detect threats early, and respond quickly to suspicious activity before it becomes a larger incident.

Citynet also provides security awareness training to help employees recognize phishing attempts, social engineering tactics, and suspicious requests — whether they arrive via email, phone, or collaboration platforms like Teams or Webex.

By combining technology, monitoring, and employee awareness, businesses can significantly reduce the risk of cyber incidents and strengthen their overall security posture.

If your organization is evaluating its cybersecurity readiness, our team is ready to help start the conversation.

Start Today
Shadow IT: The Apps Your Employees Use That IT Doesn’t Know About
By in

Shadow IT: The Apps Your Employees Use That IT Doesn’t Know About

When most businesses think about cybersecurity risk, they picture hackers breaking in from the outside.

But one of the fastest-growing risks isn’t external at all. It’s happening inside your organization…quietly, unintentionally, and often with good intentions.

It’s called Shadow IT.

And it’s growing faster than most businesses realize.

What Is Shadow IT?

Icon: AlertShadow IT refers to any software, app, cloud platform, or digital tool that employees use without formal IT approval or oversight. It can include:

  • Personal Dropbox or Google Drive accounts
  • Personal Gmail used for work communication
  • Free file-sharing platforms
  • Unapproved project management tools
  • Messaging apps
  • AI tools like ChatGPT used to upload company information
  • Browser extensions that access company data

Most of the time, employees aren’t trying to bypass security. They’re trying to be productive.

But productivity shortcuts can create serious security blind spots.

Why Employees Use Unapproved Apps

Shadow IT often grows because:

  • Approved tools feel slow or restrictive
  • Employees work remotely or on personal devices
  • Teams need quick collaboration solutions
  • Free versions of software are easy to download
  • AI tools provide instant answers

When official processes lag behind business needs, employees find their own solutions.

And those solutions rarely include enterprise-level security controls.

How Data Leaves the Company Without Anyone Noticing

The real risk of Shadow IT isn’t just unapproved apps. It’s data exposure. Sensitive information can quietly move outside your secure environment:

  • Client lists uploaded to personal cloud storage
  • Financial spreadsheets shared via personal email
  • HR documents stored in free file-sharing accounts
  • Contracts pasted into AI tools for editing
  • Passwords saved in unsecured browser extensions

Once that data leaves your managed environment, you lose:

  • Visibility
  • Access control
  • Audit trails
  • Encryption oversight
  • Backup protection

And in many cases, IT doesn’t even know it happened.

The Compliance and Cyber Insurance Risk

Shadow IT isn’t just a technical issue, it’s a compliance issue. For businesses subject to:

  • Financial regulations
  • Healthcare privacy laws
  • Contractual security obligations
  • Cyber insurance requirements

Unapproved data handling can create serious consequences. Cyber insurance applications increasingly ask about:

  • Data governance controls
  • Access management policies
  • Monitoring capabilities
  • Security awareness training

If sensitive data is stored outside approved systems, businesses may struggle to demonstrate compliance.

AI Tools and the New Wave of Shadow IT

Icon Lock ImageArtificial intelligence tools have accelerated the Shadow IT problem. Employees may upload:

  • Client data
  • Financial projections
  • Internal documentation
  • Proprietary content

Without understanding how that data is processed, stored, or retained.

While AI tools can be powerful productivity enhancers, they must be used with clear policies and guardrails.

Otherwise, organizations risk exposing intellectual property and confidential information.

Why Traditional Security Tools Don’t Catch Shadow IT

Many businesses believe their firewall or antivirus software will prevent this kind of risk.

But Shadow IT often bypasses traditional perimeter defenses because:

  • It happens in approved web browsers
  • It uses legitimate SaaS platforms
  • It involves employee credentials
  • It occurs over encrypted HTTPS traffic

Without monitoring, logging, and policy enforcement, these activities can remain invisible.

How Managed IT Brings Visibility and Control

The solution isn’t banning every new app.

It’s building visibility, governance, and education around technology use.

A proactive managed IT partner helps organizations:

Gain Visibility

  • Monitor network traffic and SaaS usage
  • Identify unsanctioned applications
  • Track abnormal data transfers

Implement Access Controls

  • Enforce least-privilege permissions
  • Centralize identity management
  • Require multi-factor authentication

Establish Clear Policies

  • Acceptable use guidelines
  • AI usage policies
  • Approved tool lists

Educate Employees

Through security awareness training, employees learn:

  • Why certain tools pose risks
  • How data should be handled
  • When to request approved alternatives

Shadow IT thrives in environments without visibility. It shrinks in environments with structured oversight.

Citynet Can Help

Citynet Logo Inverse

Turn technology into a competitive advantage — not a hidden risk. Citynet delivers the visibility, governance, and security your organization needs to grow with confidence.

Request a Managed Services Consultation Today.

Lets Go!
The New Employee Is Your Biggest Security Risk
By in

The New Employee Is Your Biggest Security Risk

(And It’s Not Their Fault)

When businesses think about cybersecurity risk, they often picture hackers, ransomware, or sophisticated phishing attacks. But one of the most common — and overlooked — security risks starts on day one:

A new employee.

Not because they’re careless.
Not because they’re malicious.
But because onboarding and offboarding processes often leave dangerous gaps.

If those gaps aren’t managed properly, they can quietly expose your organization to unnecessary risk.

Why New Employees Create Security Risk

Managed Services IconEvery time someone joins your team, access expands:

  • Email accounts
  • File shares
  • Cloud applications
  • CRM systems
  • Financial platforms
  • Remote access tools
  • Administrative permissions

Without structured processes, access can quickly spiral into what security professionals call access sprawl — more permissions than necessary, granted too quickly, and rarely reviewed. Over time, this creates hidden vulnerabilities across your organization.

Access Sprawl: When Permissions Multiply

In many businesses, new hires are given access “just in case” they might need it.

The problem?

Those permissions are rarely revisited.

Employees change roles. Responsibilities shift. Projects end. But access often remains.

The result:

  • Too many people with elevated permissions
  • Sensitive data accessible to unnecessary users
  • Increased risk if credentials are compromised

The principle of least privilege, giving users only the access they truly need, is often missing in growing organizations.

Shared Passwords and Informal Workarounds

Icon Passwords ImageIt’s more common than most leaders realize:

  • Shared logins for software tools
  • Sticky notes with passwords
  • Credentials stored in spreadsheets
  • Generic “admin” accounts used by multiple people

These practices may seem harmless in a busy workplace, but they eliminate accountability and create major security blind spots.

If a breach occurs, there’s no way to determine who accessed what — or when.

Former Employees with Active Access

One of the biggest risks isn’t new employees, it is former ones. When offboarding processes aren’t tightly controlled, former team members may retain:

  • Email access
  • VPN or remote login credentials
  • Cloud application permissions
  • Shared drive access
  • Administrative privileges

Even if the individual has no malicious intent, dormant accounts are prime targets for attackers.

Cybercriminals actively scan for unused credentials and orphaned accounts because they’re easier to exploit.

Shadow IT: The Tools IT Doesn’t Know About

Managed Services IconNew employees often bring their own habits and tools:

  • Personal file-sharing apps
  • Unapproved project management platforms
  • AI tools
  • Messaging apps
  • Personal cloud storage

Without visibility and policies in place, sensitive company data can quietly move outside your secure environment. This is known as shadow IT — and it grows quickly in fast-moving organizations.

Phishing: The First Test Most Employees Fail

Even well-meaning employees can fall victim to phishing emails — especially during their first few weeks on the job when they’re unfamiliar with internal processes.

Attackers often target new employees because:

  • They don’t recognize leadership names
  • They aren’t familiar with payment workflows
  • They want to make a good impression
  • They respond quickly to authority

Without proper security awareness training, the risk increases significantly.

How Managed IT and Security Training Close the Gaps

Emergency Mass Notification Solutions IconTechnology alone doesn’t solve onboarding and offboarding risk. Processes do.

A proactive managed IT partner helps businesses build structured, repeatable systems that protect the organization at every stage of the employee lifecycle. This includes:

  • Structured Onboarding Checklists
  • Role-based access controls
  • Least-privilege permissions
  • Secure device configuration
  • MFA enrollment

Secure Offboarding Procedures

  • Immediate credential deactivation
  • Access removal across all platforms
  • Device recovery and reset
  • Account audit verification

Ongoing Access Reviews

  • Regular permission audits
  • Administrative account monitoring
  • Dormant account cleanup

Security Awareness Training & Phishing Simulations

Citynet offers comprehensive security awareness training that helps employees recognize and report threats before damage occurs. Through simulated phishing campaigns, ongoing education, and measurable reporting, businesses gain:

  • Reduced click rates over time
  • Increased threat reporting
  • Stronger security culture
  • Documentation to support compliance and cyber insurance

Instead of hoping employees make the right choice, organizations can actively train them to do so.

Your Employees Aren’t the Problem. Unmanaged Processes Are

New employees are not a liability. In fact, they’re one of your greatest assets.

But without structured onboarding, offboarding, and security awareness programs, businesses unintentionally create risk at the exact moment they’re trying to grow.

Cybersecurity isn’t just about firewalls and antivirus software. It’s about managing people, permissions, and processes with intention.

Citynet Can Help

Citynet Logo InverseCitynet helps businesses build secure onboarding and offboarding systems, implement role-based access controls, and deliver ongoing security awareness training that reduces human risk over time.

Because the strongest cybersecurity strategy protects both your technology and your people.

Connect with us and let’s start a conversation on how we can help.

Lets Go!
The New Reality of Cyber Insurance Requirements for Small Businesses
By in

The New Reality of Cyber Insurance Requirements for Small Businesses

Cyber insurance used to feel like a safety net. Today, it’s starting to feel more like an application for a mortgage.

Across the country, insurance providers are tightening requirements, raising premiums, and even denying claims when businesses don’t meet modern cybersecurity standards. Many small and mid-sized organizations are discovering this shift the hard way, during policy renewal or after filing a claim.

Whether your business already has cyber insurance or is exploring coverage, here’s what’s changing and what you need to know.

Cyberattacks Are More Expensive Than Ever

Ransomware, phishing, and data breaches have grown dramatically in both frequency and cost. For insurers, the math has changed.

Claims related to ransomware and business email compromise have skyrocketed in recent years, costing insurers billions of dollars annually. As a result, cyber insurance providers are no longer willing to insure businesses that don’t demonstrate strong security practices. In short, cyber insurance is shifting from reactive coverage to proof of prevention.

Security Questionnaires Are Becoming Much More Detailed

If you’ve applied for cyber insurance recently, you may have noticed the application looks very different from what it did just a few years ago.

Today’s questionnaires often ask about:

  • Multi-factor authentication (MFA)
  • Endpoint detection and response (EDR)
  • Patch management and system updates
  • Employee security awareness training
  • Backup and disaster recovery practices
  • Email filtering and phishing protection
  • 24/7 monitoring and incident response
  • Remote access and VPN security
  • Administrative privilege controls

These aren’t just checkboxes. Insurers increasingly require proof that these controls are actually in place.

Premiums Are Rising…and Coverage Is Shrinking

Businesses are seeing:

  • Higher deductibles
  • Lower coverage limits
  • Increased premiums
  • More exclusions and conditions

Some organizations are even being denied coverage entirely if they cannot meet baseline security standards.

For many insurers, the question has shifted from “Do you want coverage?” to “Can you prove you are a lower risk?”

Claims Are Being Denied Due to Weak Security

This is one of the biggest changes that many businesses don’t realize.

If an investigation finds that required safeguards were not in place — or were misrepresented — claims may be reduced or denied.

Examples include:

  • No MFA enabled on email or remote access
  • Backups that were not tested or recoverable
  • Outdated or unpatched systems
  • Lack of employee security training
  • Shared or compromised credentials

Cyber insurance is no longer a substitute for cybersecurity. It is a partner to it.

Cyber Insurance Now Assumes a “Shared Responsibility” Model

Think of cyber insurance the same way you think of property insurance.

A fire insurance policy doesn’t replace smoke detectors, sprinklers, or safe wiring. It assumes you’ve taken reasonable precautions to reduce risk.

Cyber insurance works the same way. Insurers expect businesses to implement foundational security controls before coverage begins.

This shift is forcing many organizations to rethink how they manage technology and risk.

How Managed Security Helps Businesses Qualify

Meeting modern cyber insurance requirements can feel overwhelming, especially for small and mid-sized businesses without a dedicated IT or security team.

This is where managed IT and cybersecurity services play a critical role.

A proactive technology partner can help implement and maintain the controls insurers expect, including:

  • Continuous network monitoring
  • Patch and vulnerability management
  • Endpoint protection and threat detection
  • Secure backup and disaster recovery
  • Email security and phishing protection
  • Security awareness training
  • Access and identity management
  • Documentation for insurance questionnaires and audits

Instead of scrambling during renewal season, businesses can approach cyber insurance with confidence.

How Citynet Helps Businesses Meet Modern Cyber Insurance Requirements

As cyber insurance requirements evolve, many businesses are discovering they need more than basic IT support. They need a proactive technology partner who understands both cybersecurity and business risk.

Citynet’s managed IT and cybersecurity solutions are designed to help organizations build the security foundations insurers now expect, including:

  • 24/7 monitoring and proactive threat detection
  • Managed endpoint protection and patch management
  • Secure backup and disaster recovery solutions
  • Advanced email security and phishing protection
  • Security awareness training for employees
  • Access and identity management best practices
  • Documentation and guidance to support cyber insurance questionnaires

Instead of scrambling to meet new requirements at renewal time, businesses can move forward with confidence knowing their technology environment is being actively protected and professionally managed.

Citynet helps businesses reduce risk, strengthen security, and prepare for the evolving expectations of today’s cyber insurance providers.

Schedule a Consultation

Click Here
Citynet and Red Siege Webinar Inside the Attacker's Playbook
By in

Citynet and Red Siege Webinar Inside the Attacker's Playbook

Cybersecurity isn’t just about defense — it’s about understanding how real attackers think.

Join Citynet’s Craig Behr and Red Siege’s Tim Medin for an upcoming webinar, Inside the Attacker’s Playbook, where we’ll break down how real-world offensive operations uncover gaps — and how organizations can use those insights to reduce cyber risk before it becomes a business problem.

Play Video
Cyber Protection During Tax Season: What You Need to Know
By in

Cyber Protection During Tax Season: What You Need to Know

Checklist Icon 2026

Download & Share the Checklist

Tax season is stressful enough without worrying about cybercriminals. Unfortunately, this time of year is one of the busiest for online scams, phishing attacks, and data theft, targeting both households and businesses.

From fake IRS emails to stolen login credentials and compromised devices, cybercriminals know tax season creates urgency and confusion, making it the perfect opportunity to strike. The good news? A few smart precautions — and the right technology foundation — can dramatically reduce your risk.

Why Tax Season Attracts Cybercriminals

Tax-related data is extremely valuable. Social Security numbers, bank account details, employer information, and login credentials can all be exploited for identity theft or financial fraud.

Common tax-season threats include:

  • Phishing emails pretending to be from the IRS, tax software providers, or payroll services
  • Fake refund notifications urging you to “act now”
  • Malicious attachments or links that install malware
  • Credential theft from unsecured devices or networks

These attacks don’t just target large organizations. Small businesses, remote workers, and individuals are often seen as easier targets.

Legitimate Communications Still Require Extra Caution

Not every risk during tax season comes from a scam. Legitimate communications from banks, investment firms, employers, and tax providers often contain — or provide access to — highly sensitive information, whether delivered digitally or by mail.

To reduce exposure:

  • Be cautious with links in legitimate emails. Even trusted senders can be spoofed or compromised. When possible, access financial and tax accounts by typing the website address directly into your browser instead of clicking links.
  • Limit sensitive information stored in your inbox. Use secure online portals or paperless delivery options where documents are accessed only after logging in.
  • Protect physical mail and documents. Tax forms, bank statements, and investment records sent by mail should be retrieved promptly and stored securely.
  • Dispose of documents properly. Shred hard copies containing personal or financial information instead of throwing them away intact.
  • Avoid leaving documents unattended. Sensitive paperwork should not be left on desks, printers, or in shared spaces.

These extra precautions help reduce the risk of accidental exposure during a time of year when financial data is frequently shared.

Filing Early Can Reduce Security Risk

Filing your taxes early isn’t just about getting a refund sooner — it can also reduce your exposure to fraud.

Cybercriminals sometimes attempt to file fraudulent tax returns using stolen personal information. When a legitimate return is filed first, it becomes much harder for criminals to succeed.

Additional security benefits of filing early include:

  • Fewer weeks of sensitive data being shared, stored, or transmitted
  • Less last-minute pressure, which can lead to rushed decisions or missed warning signs
  • More time to identify and respond to suspicious activity if it occurs

Filing early, combined with secure online access and good cybersecurity practices, helps limit opportunities for tax-related fraud.

Warning Signs of Tax-Related Scams

Be cautious if you see:

  • Emails or texts demanding immediate action
  • Messages threatening penalties or arrest
  • Requests for sensitive information via email or text
  • Links that look official but lead to unfamiliar websites

The IRS and legitimate tax professionals will never ask for sensitive information through unsolicited messages.

How to Protect Yourself During Tax Season

Whether you’re filing personal taxes or managing business finances, these steps can help keep your data secure:

  1. Secure Your Internet Connection – A reliable, high-speed fiber connection isn’t just about speed — it supports secure data transfers, faster updates, and stronger protection for connected devices.
  2. Use Multi-Factor Authentication (MFA) – Enable MFA on tax software, email accounts, and financial platforms whenever possible. Even if a password is compromised, MFA adds a critical layer of protection.
  3. Keep Devices Updated – Unpatched systems are a favorite target for attackers. Regular updates help close security gaps before they can be exploited.
  4. Be Careful with Links and Attachments – If you didn’t expect it, don’t click it. When in doubt, go directly to the official website instead of using a link in a message.
  5. Back Up Important Data

Accidental deletions, ransomware, or system failures can be devastating during tax season. Secure backups ensure you can recover quickly if something goes wrong.

Key Tax Season Risks for Businesses

For businesses, tax season often means:
  • Increased sharing of sensitive employee data
  • Payroll processing and reporting
  • Communication with accountants and third parties
This makes it especially important to have:
  • Secure email and endpoint protection
  • Monitoring for suspicious activity
  • Backup and recovery solutions
  • Clear cybersecurity policies for employees
Proactive managed IT and cybersecurity services can help prevent issues before they disrupt operations.  Learn more >

What if Identity Theft Happens to You?

From consumer.ftc.gov

  •  Visit IdentityTheft.gov to report identity theft to the FTC and get a personal recovery plan.
  • IdentityTheft.gov walks you through recovery steps for more than 30 types of identity theft.
Checklist Shield 2026 Image

Download & Share the Checklist

The Citynet Difference: Connect. Protect. Perfect.

At Citynet, cybersecurity starts with a strong foundation. Our fiber network delivers the speed, reliability, and performance modern homes and businesses need — while our managed IT and cybersecurity solutions help protect your data, systems, and reputation.

With proactive monitoring, layered security, and expert support, Citynet helps organizations stay connected and protected…during tax season and all year long.

Because when it comes to your data, security should never be an afterthought.

Simple Tech That Makes Cold Weather Easier to Bear
By in

Simple Tech That Makes Cold Weather Easier to Bear

Winter can be tough. With cold temperatures, snow and ice, dry air, and higher heating bills, it’s no wonder the animals head into hibernation!

Unlike our furry and feathered friends, though, we have the benefit of technology to keep us comfortable and prepared for the frigid months.

And, with Citynet’s weather-stable reliable fiber internet, you’ll be all set for these simple tech tools to help make the cold weather easier to bear.

Smart Thermostats

There’s a reason smart thermostats have earned a top recommendation on any cold-weather tech list like this. They have reigned as the MVP of Winter Tech (and Summer Tech, when the weather heats up!) because of the comfort, savings, and simplicity they bring to any household.

A smart thermostat will automatically adjust temperatures based on your schedule, meaning it’ll be warm and cozy while you’re home but slightly cooler (and saving you money) while you’re away from home. They also help you avoid overheating empty rooms.

With apps that give you simple control from your phone, you’ll be able to track your energy usage and learn how to better save when you can, all while experiencing fewer “why is it so cold in here?” moments.

Smart Space Heaters

Even with a smart thermostat, you may still find corners of your home that don’t get a consistent warm air flow.

A smart space heater gives you room-by-room comfort with the added safety of tip-over protection, overheat shutoff, or app control for when you accidentally forget to shut it off when you leave the room or home.

Smart space heaters are perfect for drafty rooms or home offices and bedrooms where you spend more time with the door closed and limited airflow through the home.

Smart Plugs & Timers

Connected plugs and timers are often overlooked, but they are small tools that bring big conveniences. They are inexpensive and can be controlled with apps and smart home assistants like Alexa and Google Assistant.

They’re great for things like holiday lights and space heaters (when used according to manufacturer guidelines) for those who want the benefits of a smart home without replacing appliances.

Humidifiers and Air Purifiers

A lot of the discomfort you feel in cold temperatures could be caused by the quality and humidity of your indoor air.

Winter air is dry, leading to dry skin, uncomfortable sinuses, frizzy hair, and static shocks. You’re less likely to be outside or opening your windows to let in fresh air, leading to stagnant air in the house.

Smart or connected humidifiers can automatically detect overly dry air and maintain healthy moisture levels. Smart air purifiers detect poor quality air and run when needed, alerting you when filters need to be changed. Controlling your indoor air quality can improve both your comfort and your health.

Leak, Freeze, and Water Damage Prevention

Below-freezing temperatures can lead to huge consequences if your plumbing isn’t properly protected from freezing. But, burst pipes can happen to even the most prepared.

Smart water leak detectors are small devices that you place near water pipes in crawl spaces, utility rooms, and well houses. If water is detected, they will send an alert to your home, allowing you to catch and respond to a frozen and busted pipe more quickly. Many models will even send an alert to your phone if temperatures drop below freezing, meaning you can prevent freezing before it happens.

These little detectors are inexpensive, often less than $50 for a multi-unit set, meaning you’ll have greater peace of mind for less, all winter long.

Cold-Weather Gear with Tech Touches

Not all winter tech has to be “smart”!

One of our favorite winter comfort recommendations is touch-screen compatible gloves. With conductive materials added to the tips of the fingers, they conduct touch signals and allow you to use your phone without removing gloves. This is extremely helpful for texting, maps, or quick phone checks outdoors.

Don’t forget about portable power banks! These are a must in cold weather as a source of backup power when the electricity goes out or if you get stuck in bad road conditions on a long commute. Low temperatures drain batteries, so having a spare can be a huge help when you need it most.

Fiber is Better in Winter than Other Connectivity Options

Smart devices work best with stable connections, low lag, and consistent speeds that aren’t throttled when you use too much data.

Unlike cable (often slowed by cold temperatures), satellite and 5G home internet (whose service degrades when signals are blocked by snow and cloud cover and speeds are throttled with data use), fiber is built for all-weather conditions.

You can’t control the weather, but with some simple tech paired with a reliable internet connection, you can make winter more comfortable, safer, and more affordable.

Make the switch to Citynet Fiber Internet and start experiencing the internet you deserve!

Learn More
What Is a Romance or Dating Scam?
By in

What Is a Romance or Dating Scam?

Looking for love? You may be able to find your person online.

The stigma of online dating has long since passed. In fact, in 2023, Pew Research Center found that 30 percent of all U.S. adults, and 53 percent of those under the age of 30, had used an online dating app.

Where there’s a rise in technology use, there will be an increase in scammers looking to take advantage of the unsuspecting. In the case of dating apps, the Federal Trade Commission (FTC) reports that romance scams are one of the most financially damaging online scams today.

CITYNET wants you to stay safe and swipe past scammers, catfishers, and fake profiles. Read on for tips on identifying and reporting scams, and protecting yourself on apps.

What Is a Romance or Dating Scam?

A romance scam happens when someone pretends to be interested in a relationship with you to convince you to send them money, get personal information, or take over your online accounts. These scams often start friendly and build trust over time, making them very convincing that you’re talking to a real person.

We’ll cover how to pick up on the subtle clues to identify fake profiles.

Making an Honest and Safe Profile

The first step to success on any dating app starts with your profile. You want to make sure that the information you’re sharing is genuine, but that you’re not sharing too much on your bio or in private messages.

Only include your first name or your nickname, if possible. This protects you from scammers (or online stalkers) looking you up online and finding out more information than you’re ready to share. Scammers can piece together small details you give them with what they find online about you in their own research.

It’s safe to include your general interests, such as hobbies, music, pets, or favorite foods (so long as all of this information doesn’t include answers to online security questions).

You should include recent photos, so long as they don’t reveal more personal information such as your home address or workplace, license plates, or school or business logos.

You should not include any details about your home address, workplace, or other frequently visited locations. Avoid sharing your phone number, personal email, or any other contact information until you’re sure the person you’re talking to is real. Never send financial details to anyone you do not know in real life.

It’s easy to overshare without realizing it, so the safest bet is to not share any personal identifying information at least until you’ve been able to meet in person in a public, safe place.

Red Flags That a Profile May Be Fake

When you’re swiping through profiles, here are a few warning signs to spot fakes:

  • Profile photos look overly polished or “model-like.” You can even reverse-image search the photo to verify it’s not tied to other online social accounts with different names.
  • Poor grammar mixed with dramatic or overly emotional language.
  • They claim to be long distance, such as working overseas, in the military, or on an oil rig or construction job far away. This gives them the excuse not to meet you in person.
  • They avoid video calls or always have an excuse to not be able to be seen on video. This is a sign they aren’t who they are portraying themselves to be. Not all shy behavior is a scam, but repeated avoidance is a red flag.
  • They ask for money or gift cards, copies of your ID or personal documents, login codes sent to your phone or email, or banking or credit card information. They’ll often use excuses like emergency medical bills, travel problems, legal help, or business or investment opportunities. No legitimate relationship starts with a request for money.
  • They push to text, email, or message elsewhere quickly so that the dating platforms can’t monitor or block them once you leave. Stay on the platform until trust is established.

These patterns are consistently reported by the FTC and FBI by law enforcement officials and scammed citizens.

Dating Apps in the Age of AI

As AI becomes commonplace, scammers are starting to use the technology to be more sophisticated in their tactics.

Spotting an AI-operated dating account can be tricky. Unlike fake or foreign-operated scam accounts, AI profiles will use perfect grammar in their responses. The messages may feel generic or don’t directly answer your question.

As with traditional fake accounts, they may use romantic language very early, such as “You are my soulmate” or “We were meant to be.” Anyone who moves quickly is likely trying to gain your trust and affection early, making it harder for you to pick up on other red flags as time goes on.

Finally, the most obvious sign is instant replies to messages at all hours of the day. If it takes them just a few seconds to send a longer bit of text, that may indicate that it’s AI. Real people have jobs, hobbies, and lives that keep them from being on their phones all day. If they always reply to messages instantly, it could be AI.

To protect yourself, ask specific questions and follow-up questions to make sure the information stays accurate. Suggest a live video call early, and pay attention to the visuals in the video such as visual glitches, lip-sync issues, or unnatural movement. AI can now generate videos, but they are often easy to spot.

Trust your gut. If it feels scripted, fake, off, it probably is. AI makes scams easier to scale, but human interaction can reveal the cracks.

What To Do If You Think You’re Being Scammed

If you think you’re being scammed, stop responding immediately and report the profile on the platform. Monitor your financial and social accounts for any odd activity.

Do not confront the scammer. They are trained to manipulate emotions and rely on your silence and shame. They will try to embarrass you, though there is nothing to be embarrassed about.

If you’re unsure, ask for help. AARP has a Fraud Watch Network Helpline — 1-877-908-3360 — that allows you to talk to a real person, and you do not have to be an AARP member. They will help you determine if something is a scam, explain next steps, and help you calm down and think clearly.

How to Report

If your identity or money was stolen, report it to your local police as soon as possible. You will need the report for a bank or insurance claim, and it should be documented.

Otherwise, if you haven’t received any personal loss but suspect a scam, report it to the FTC at https://reportfraud.ftc.gov/. The FTC is the central database for consumer fraud in the U.S. and will use your report to help share widespread scams with law enforcement, state attorneys general, and other agencies that track scam patterns. They also use the reports to shut down scam operations, issue warnings, and improve protections on platforms and services.

Closing

Online dating can lead to healthy, lasting, and real relationships, but it’s important to use caution when sharing information with strangers online.

If something feels off, it probably is. Never feel shame if you get tricked; the people behind the scams are professionals at manipulating the unsuspecting. The most important thing you can do is ask for help and report it if you discover a fake account.